Security & Validation

Request Validation

The Request Validation policy is used to validate incoming requests based on schemas in OpenAPI specifications.

When configured, any request that does not conform to your OpenAPI schema is rejected with a 400: Bad Request response containing a detailed error message (in JSON) explaining why the request was not accepted.

Here's an example of how to specify a validation schema for a request body in OpenAPI:

        "requestBody": {
          "description": "user to add to the system",
          "content": {
            "application/json": {
              "schema": {
                "type": "object",
                "properties": {
                  "name": {
                    "type": "string"
                  },
                  "age": {
                    "type": "integer"
                  }
                },
                "required": [
                  "name",
                  "age"
                ]
              }
            }
          }
        }

Configuration

{
  "name": "my-request-validation-inbound-policy",
  "policyType": "request-validation-inbound",
  "handler": {
    "export": "RequestValidationInboundPolicy",
    "module": "$import(@zuplo/runtime)",
    "options": {
      "logLevel": "info",
      "validateBody": "log-only",
      "includeRequestInLogs": false
    }
  }
}

Options

  • name: The name of your policy instance. This is used as a reference in your routes.
  • policyType: The identifier of the policy. This is used by the Zuplo UI. Value should be request-validation-inbound.
  • handler/export: The name of the exported type. Value should be RequestValidationInboundPolicy.
  • handler/module: The module containing the policy. Value should be $import(@zuplo/runtime).
  • handler/options: The options for this policy:
    • logLevel

      Optional. Specify one of the log levels: 'error | warn | info | debug'. Default: info

    • validateBody

      Optional. Specify one of the options: 'none, log-only, reject-and-log, reject-only'. Default: none

    • validateQueryParameters

      Optional. Specify one of the options: 'none, log-only, reject-and-log, reject-only'. Default: none

    • validatePathParameters

      Optional. Specify one of the options: 'none, log-only, reject-and-log, reject-only'. Default: none

    • validateHeaders

      Optional. Specify one of the options: 'none, log-only, reject-and-log, reject-only'. Default: none

    • includeRequestInLogs

      Optional. Specify whether to include the request in the logs. Default: false
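
The sketch below is an added example, not Zuplo's code or part of the original page: it checks a JSON body against the requestBody schema shown earlier and applies each validateBody mode. The mode semantics (log-only forwards the request, the reject modes return 400) are assumptions inferred from the option names, and the helper names, result shape and error strings are hypothetical.

```javascript
// Added example: a sketch, not Zuplo's implementation.
// Schema copied from the requestBody example on this page.
const userSchema = {
  type: "object",
  properties: { name: { type: "string" }, age: { type: "integer" } },
  required: ["name", "age"],
};

const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Checks only the keywords the page's schema uses: type, properties, required.
function validateBody(schema, body) {
  if (typeof body !== "object" || body === null || Array.isArray(body)) {
    return ["body must be an object"];
  }
  const errors = [];
  for (const key of schema.required || []) {
    if (!has(body, key)) errors.push(`missing required property '${key}'`);
  }
  for (const [key, rule] of Object.entries(schema.properties || {})) {
    if (!has(body, key)) continue;
    const value = body[key];
    const ok =
      rule.type === "string" ? typeof value === "string"
      : rule.type === "integer" ? Number.isInteger(value)
      : true;
    if (!ok) errors.push(`property '${key}' must be of type ${rule.type}`);
  }
  return errors;
}

// Assumed meaning of the validateBody modes, inferred from their names.
function applyPolicy(mode, rawBody) {
  const result = { forwarded: true, status: null, logged: [], errors: [] };
  if (mode === "none") return result; // body is never inspected
  try {
    result.errors = validateBody(userSchema, JSON.parse(rawBody));
  } catch {
    result.errors = ["body is not valid JSON"];
  }
  if (result.errors.length === 0) return result;
  if (mode !== "reject-only") result.logged = [...result.errors];
  if (mode !== "log-only") {
    result.forwarded = false;
    result.status = 400;
  }
  return result;
}
```

Under these assumptions, the log-only setting in the sample configuration records schema violations but still forwards the request, so enforcement requires reject-and-log or reject-only.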
